[drdoom]

There is no other dependency in the encoder/decoder functions so there is no point of failure there. Those functions were developed a long time ago and have not changed. They work with any stream of data and automatically chop off the input after the first few hundred characters. This contains more than enough info for the developers to see exactly what caused the error.

In any case, even if, as you say, if the crypto handling system failed, and it returned nothing, there was no critical information that was lost. Only information on an error message, which you will hear from the user anyway.

[grogenaut]

Aah, I was thinking you might be encoding stack traces or equivalents which you'd want to protect a lot more than the head of user submitted data which the user chooses to re-submit through a seperate channel that is about as secure (esp for the purposes (email)) as the original channel. A hard coded key would be fine for this imho as you don't have to protect the user from the user's own data.

Cool idea btw.